﻿using System;
using System.Data;
using System.Web.Security;
using System.Web.UI;
using ltModel;
using System.Web;

public partial class Shared_Login : RadBasePageEx
{
    protected void Page_Load(object sender, EventArgs e)
    {
        if (!IsPostBack)
        {
            CheckIpLocked();
        }
    }

    protected void Login_Click(object sender, EventArgs e)
    {
        ShowIfError(LoginFailed());
    }

    ltModel.BLL.loginlog lbl = new ltModel.BLL.loginlog();

    void CheckIpLocked()
    {
        if (!IpHelper.IsIpAllowed(Request.UserHostAddress) &&
            IpHelper.IsIpLocked(Request.UserHostAddress))
        {
            loginPanel.Controls.Clear();
            loginPanel.Controls.Add(new LiteralControl("该用户IP已经被管理员锁定，请与管理员联系！"));
            return;
        }
        if (lbl.IsLogTanto(Request.UserHostAddress))
        {
            IpHelper.AddLocked(Request.UserHostAddress);
            loginPanel.Controls.Clear();
            loginPanel.Controls.Add(new LiteralControl("您登录太频繁，已经被锁定，请与管理员联系！"));
            return;
        }
    }

    bool LoginFailed()
    {
        /*if (!t4.IsValid)
        {
            AddError("验证码错误！");
            return true;
        }*/
        if (!Page.IsValid)
        {
            AddError("验证失败，请重试！");
            return true;
        }
        if (lbl.IsLogTanto2(Request.UserHostAddress))
        {
            AddError("您操作太频繁，请稍后再试！");
            return true;
        }

        ltModel.BLL.article_user abl = new ltModel.BLL.article_user();
        string uname = DataProtector.ToSBC(t1.Text.Trim());
        string pwd = DataProtector.EncryptDBString(t2.Text);
        DataTable dt = abl.GetList(" username = '" + uname + "'").Tables[0];
        if (dt.Rows.Count > 0)
        {
            if (string.CompareOrdinal(pwd, dt.Rows[0]["userpass"].ToString()) != 0)
            {
                AddError("登录失败，密码错误！");
                return true;
            }
            if (dt.Rows[0]["lock"].ToString() == "1")
            {
                AddError("该用户已经被锁定，请与管理员联系！");
                return true;
            }
            lbl.AddSuccessLog(Request.UserHostAddress, uname);

            FormsAuthentication.SetAuthCookie(dt.Rows[0]["user_id"].ToString(), true);
            if (jz.Checked == true)
            {
                Request.Cookies[FormsAuthentication.FormsCookieName].Expires.AddHours(3400);
                Response.Redirect("~/ltMan/index.aspx");
            }
            Response.Redirect("~/ltMan/index.aspx");


        }
        else
        {
            AddError("登录失败，该用户不存在！");
            lbl.AddFailedLog(Request.UserHostAddress, uname);
            return true;
        }

        return false;
    }

    void AddError(string message)
    {
        errWin1.AddError(message);
    }

    void ShowIfError(bool hasError)
    {
        if (hasError)
            AddScriptM("showErr();");
    }
}